A while back, HP was in town for a meeting and brought along a new product that was just about to go into beta and which is now shipping.  It's called the MSM317.   It's part of their wireless product family, but it does more than just wireless.  It's a 5-port 10/100 wall-plate switch that also includes an 802.11b/g access point.  Wall-plate switches are nothing new.  3Com (who HP recently announced an intention to buy) has been selling them for years.  It fits inside an electrical box, has 4 front-side ports for users and one port on the back to terminate the cable coming from the Ethernet switch in the wiring closet.  It's powered by PoE and only uses 7.5 watts so it can provide 7.5 watts of PoE to one of the front side ports.

So if there's nothing new about this then why am I writing about it ?

What I found very intriguing is that it's managed through the same controllers that manage HP's wireless access points.  So in addition to being able to configure wireless parameters such as SSID settings through the controllers, you can also configure the wired switch settings such as 802.1x and VLAN tagging through the controllers.  The HP controllers allow you to group devices and configure all the devices in a group once. Also, like the wireless access points, when an MSM317 boots up, it automatically finds it's controller, typically through DHCP options, and then downloads the appropriate firmware and configuration.  Also, the user traffic doesn't have to go through the controller at all.  It can pass right onto the wired network in the building.  I thought, man, if you're going to deploy hundreds or thousands of these, it makes management a whole lot easier !

But wait, we have over 1,500 enterprise-class Ethernet switches in our wiring closets ?   Couldn't something like this make it a whole lot easier to manage all of those switches too ?  So what if we had controllers for all our Ethernet switches ?  In a wireless environment where traffic is all forwarded locally instead of centrally through the controllers, what are controllers really used for ?

The answer is that the controller provides a tightly integrated mechanism for managing a large group of devices (wireless access points today) almost as a single device.  I can put the 80 access points in a building into a group and then simply configure a new SSID for 1 group and have it applied to all 80 access points.  Or I can upgrade code on 1 controller and have that push automatically to 200+ access points.  

The other powerful feature of wireless controllers is that they understand topology.  A controller talks to all the APs and knows which APs each AP can see (ie their topology).  It can then do very cool things like tell all the APs the best channel to select or help control which clients associate with which AP.  Why couldn't this be applied to wireless networks ?  For example, if a wired controller knew the switch topology, wouldn't it be very easy to provision new VLANs in a building ?   What about feature like DHCP snooping where you need to manually configure uplink and/or downlink ports ?   Or what about processes like upgrading firmware where you want to upgrade the "edge" switches first and move towards the core, making sure each switch comes up before you reboot it's upstream switch and potentially cut yourself off ?  

The bottom line is that we need controllers for wired switches for all the same reasons we have controllers for wireless access points !   In order to manage hundreds or thousands of devices that are all nearly identical, you need to manage them as groups (e.g. all the devices in a building) as if they were a single device.  

A few years ago I had the pleasure of having lunch with Dr. Doug Comer from Purdue University.  He said something that day that stuck with me.  He said that we need to get to the point that we manage whole networks the way we currently manage individual nodes in the network.  In theory, a centralized NMS package could do this, but in practice that has never happened.  The controller-based model, when done well, is a big step in the right direction.  Perhaps we need to think about expanding the model to include wired switches as well ?